With fake cloudflare error page 143.244.191.19|tmobile-fraudprevent.com|2022-02-07 17:13:16 143.244.191.19|tmobile-secureverify.com|2022-02-07 17:13:25
phishing server
138.91.113.185|secure-58wells.com|2022-02-07 00:41:21 138.91.113.185|secure19-wells.com|2022-02-07 03:01:56 138.91.113.185|secure47-wells.com|2022-02-07 14:46:58
OskiStealer botnet controller @104.21.71.57
The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. OskiStealer botnet controller located at 104.21.71.57 on port 80 (using HTTP POST): hXXp://t-shinwa-jp.com/admin//6.jpg $ dig +short t-shinwa-jp.com 104.21.71.57 Other malicious domain names hosted on this IP address:… Читать далее OskiStealer botnet controller @104.21.71.57
RedLineStealer botnet controller @62.182.159.86
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 62.182.159.86 on port 65531 TCP: $ telnet 62.182.159.86 65531 Trying 62.182.159.86… Connected to 62.182.159.86. Escape character… Читать далее RedLineStealer botnet controller @62.182.159.86
BitRAT botnet controller @158.69.152.26
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 158.69.152.26 on port 54329 TCP: $ telnet 158.69.152.26 54329 Trying 158.69.152.26… Connected to 158.69.152.26. Escape character… Читать далее BitRAT botnet controller @158.69.152.26
phishing server
167.172.240.250|amacongzsecurezaccountinfomzxzs.org|2022-02-07 01:01:23 167.172.240.250|amzounzsecureeaccountsecurity.com|2022-02-01 21:11:55 167.172.240.250|paypaalsecureeaccountsecurity.com|2022-02-01 16:52:11 167.172.240.250|paypaasecureeaccountzxgzhe.org|2022-02-07 01:40:36 167.172.240.250|paypaasecureeaccountzxgzingfos.com|2022-02-01 07:11:51 167.172.240.250|paypaasecureeaccountzxgzizxda.net|2022-02-07 03:17:35 167.172.240.250|paypaasecureeaccountzxgzzxdfs.com|2022-02-06 23:16:20 167.172.240.250|paypaasecureeaccountzxgzzxdfs.net|2022-02-07 03:27:54 167.172.240.250|paypalunlockedsecurityzcount.com|2022-02-07 01:51:24 167.172.240.250|securitycentermanageaccountaskdj-zmxcbka.com|2022-02-07 06:06:21
spam source
Received: from ihjlkopfyuvdh.us (141.95.104.75) Sender: jim=fustinis.com@mg.fustinis.com Date: Thu, 11 Nov 2021 15:07:xx +0000 Subject: =?UTF-8?B?WW91ciBQYWNrYWdlIC1Ob3RpZmljYXRpb24=?= =?UTF-8?B?8J+OhA==?=
Spam Emitter (OMICS)
Malware botnet controller @176.119.147.221
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 176.119.147.221 on port 443: $ telnet 176.119.147.221 443 Trying 176.119.147.221… Connected to 176.119.147.221. Escape character is… Читать далее Malware botnet controller @176.119.147.221
Malware botnet controller @45.8.228.16
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse. Malware botnet controller located at 45.8.228.16 on port 443: $ telnet 45.8.228.16 443 Trying 45.8.228.16… Connected to 45.8.228.16. Escape character is… Читать далее Malware botnet controller @45.8.228.16